Introduction

Data is the new currency and securing it across the environment is foundational particularly as artificial intelligence (AI) and machine learning (ML) become critical tools for the optimization of business objectives. 

In computing, data exists in three states: in transit, at rest, and in use. Data traversing the network is “in transit,” data in storage is “at rest,” and data being processed is “in use.” In a world where we are constantly storing, consuming, and sharing sensitive data protecting it in all its states is more critical than ever.

To help ensure data confidentiality and integrity businesses leverage cryptography to stop unauthorized viewing and prevent or detect unauthorized changes. But while these techniques to protect data “in transit” and “at rest” are now commonly deployed, the third state – protecting data “in use” – is a less traveled frontier and threat actors are increasingly shifting their focus to target data-in-use as their focus knowing they have a higher probability of a successful attack. 

Protecting Data In-Use

Response to the third use case can be addressed with Confidential Computing, which serves to help ensure that cloud data remains confidential and protected “in use” by encrypting and isolating the data, the applications, and code processing that data.

In the context of confidential computing, unauthorized entities could include other applications on the host, the host operating system and hypervisor, system administrators, service providers, the infrastructure owner—or anyone else with physical access to the hardware including threat actors.  Confidential computing protects data throughout its lifecycle ensuring:

• Data confidentiality by preventing unauthorized entities from viewing data while it is in use.
• Data integrity by preventing unauthorized entities from altering data when it is being processed.
• Code integrity by ensuring that the code cannot be replaced or modified by unauthorized entities.

Together, these attributes provide not only an assurance that the data is kept confidential, but also that the computations performed are the correct computations, allowing one to trust the results of the computation as well.  A dependency which only amplifies as the algorithms and analytics leveraged by AI and ML increase.  After all basing business decisions on corrupted data could be catastrophic to both companies and consumers alike.

Confidential Computing in OCI

In OCI confidential instances are compute virtual machines (VMs) or bare metal instances where both the data, and the application processing the data, are encrypted and isolated while the data is processing, preventing unauthorized access or modification of either the data or the application code.

The OCI Confidential Compute solution is available on Oracle’s AMD instances, which have the second and third generation AMD EPYC™ processors. Confidential VMs use AMD Secure Encrypted Virtualization (SEV) technology, while confidential bare metal instances use AMD Transparent Secure Memory Encryption (TSME) technology.

Confidential computing:

• Improves isolation using real-time encryption. Data and applications are encrypted using a per-VM encryption key generated during the VM creation and resides solely in the AMD Secure Processor, which is part of the CPU. This key is not accessible from any applications, the VM or instance, the hypervisor, or Oracle Cloud Infrastructure.
• Requires no change to the application to enable Confidential VMs.
• Provides high performance while protecting data in-use with minimal performance impact.

Confidential Computing protects data in use at the hardware level, allowing customers to enable confidential virtual machines (VMs) with the help of AMD Infinity Guard features, such as secure encrypted virtualization (SEV) and confidential bare metal servers with secure memory encryption (SME). These features take advantage of security components available in 2nd and 3rd Generation AMD EPYC processors available in all OCI’s E3 and E4 shapes.

• With AMD SEV, AMD EPYC processors help to safeguard integrity and privacy by using a unique key per VM for encryption of memory to isolate guests from the hypervisor and one another.
• With SME, a single key is generated by the AMD Secure Processor at boot and used to encrypt the full system memory.

The encryption keys are safeguarded at the hardware level by the secure processor, so that even Oracle doesn’t have access.

Benefits

Confidential Computing has several benefits that organizations can consider as they decide whether to augment their security posture to include Confidential VMs or bare metal servers.

• By providing security through the lowest layers of hardware, Confidential Computing minimizes the list of trusted parties (OS, ecosystem partners, and administrators), thereby helping reduce the risk of data exposure.
• By providing a smaller attack surface and more security of data in use through a tightened hardware-based root of trust, it helps protect against some types of vulnerabilities such as insider threats and firmware compromises. In industries such as finance, healthcare, or other highly regulated industries, protecting data throughout its entire lifecycle is critical.
• Organizations can also use Confidential Computing to help meet and maintain regulatory compliance to regional and industry frameworks.

All these benefits are available through OCI’s Confidential Computing offering without application code changes and with minimal performance impact. Enabling Confidential Computing doesn’t incur any extra costs on top of Compute instance pricing.

Conclusion

OCI’s Confidential Compute provides high performance while protecting data in-use enabling businesses with little to no performance impact for most applications making it a good solution to ensure data is protected across its full lifecycle at a time when data integrity means everything.  

References

• https://github.com/privacysandbox/protected-auction-services-docs/blob/main/trusted_services_overview.md
• https://developers.google.com/privacy-sandbox/overview/relevance-and-measurement-faqs
• https://docs.oracle.com/en-us/iaas/Content/Compute/References/confidential_compute.htm
• http://cloud.google.com/confidential/computeing/confidential-vm/docs/confidential-vm-overview

Connect with us

Call +1.800.ORACLE1 or visit oracle.com. Outside North America, find your local office at: oracle.com/contact.

        blogs.oracle.com                        facebook.com/oracle                          twitter.com/oracle

Copyright © 2024, Oracle and/or its affiliates. This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.

Oracle, Java, MySQL, and NetSuite are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.